| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in okiraku.php in O-Kiraku Nikki 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the day_id parameter. |
| The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information. |
| The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command. |
| Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors. |
| Vulnerabilities in the KDE kvt terminal program allow local users to gain root privileges. |
| Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges. |
| Buffer overflow in CProxy 3.3 allows remote users to cause a denial of service via a long HTTP request. |
| Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a long user name. |
| Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to execute arbitrary commands via a long query string. |
| Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands. |
| Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files. |
| The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option. |
| The Intel express 8100 ISDN router allows remote attackers to cause a denial of service via oversized or fragmented ICMP packets. |
| Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 allow local users to execute arbitrary code via long command line arguments to (1) asmaster, (2) asuser, (3) asutility, (4) se, or (5) asrecovery. |
| BeOS 5.0 allows remote attackers to cause a denial of service via fragmented TCP packets. |
| Real Networks RealServer 7.x allows remote attackers to cause a denial of service via a malformed request for a page in the viewsource directory. |
| PHP file include vulnerability in SocketKB 1.1.0 and earlier allows remote attackers to include arbitrary local files via the __f parameter. |
| Multiple cross-site scripting (XSS) vulnerabilities in JustWilliam's Amazon Webstore 04050100 allow remote attackers to inject arbitrary web script or HTML via the (1) image parameter to closeup.php, the (2) currentIsExpanded or (3) searchFor parameters to index.php, (4) the currentNumber parameter to software_CAD_Technical_60002_uk.htm, or (5) a cookie. |
| IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. |
